You Want a Free VPN for securing you're connection, you don't want the third party to sneak up behind you and see or steal your data, you are not alone, we all want that, easy way buy a premium vpn there are tons of out there, but we they are paid, so lets have our own VPN.
Without Further Delay lets get started,
LITTLE BIT OF LINUX
We are going to use the service name LightSail in here, you ask why? Well, first we can run the sever for free (3 Months) if you are well-passed you're free tier of AWS.
Let's create the Instance
Let's connect to the instance with SSH, LightSail give us web-based ssh and terminal based, for terminal based we need the key, Download the Default key from here
and lets start executing some linux commands.
Start the SSH connection
ssh ubuntu@<IP> -i <path-to-key>
Install the Wireguard
sudo -i apt update apt install wireguard -y
After Installing it, we need to enable the port forwarding so that after connecting to instance we can still use the internet freely
run the following command to do so
and add the following line
After adding the line execute the following command to make it permanent
sysctl -p /etc/sysctl.d/10-wireguard.conf
After enabling the Port Forwarding lets move to the Wireguard directory
NOTICE: Important We are generating key for the server make sure that you don't share any private key from here.
Execute the following commands
wg genkey | tee server.key | wg pubkey > server.pub
wg & wg-quick is command-line tool for interacting with Wireguard.
We will be using these file in our next step.
for our VPN here whatever you want to name the configuration file you can name it and it will create a interface with the same name
but it must contain the .conf
Add these line into it
[Interface] Address = 10.1.1.1/24 ListenPort = 51820 PrivateKey = <server.key> PostUp = iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE PostDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
run the following command to start it
systemctl enable --now wg-quick@vpn
Verify it's running successfully
systemctl status wg-quick@vpn
So our VPN Server is now running but we need to give the access to user, for that we need to generate some more files using the wg but I love the GUI so after doing some digging I found this amazing dashboard thanks to the author I can do everything from Dashboard only
Here the github link
let's clone the repo
git clone -b v3.0.6 https://github.com/donaldzou/WGDashboard.git wgdashboard
change the directory & execute some commands
cd wgdashboard/src chmod u+x wgd.sh ./wgd.sh install chmod -R 755 /etc/wireguard apt install python3-pip -y pip3 install -r requirements.txt ./wgd.sh start
Make Sure the port 10086 being used by running
And we are done here
Open the Dashboard by going to
In my case http://18.104.22.168:10086/
Go to the Setting Page
Peer Remote Endpoint (This will be change globally, and will be apply to all peer's QR code and configuration file.)
From anything like this
to You're Public IP of the Instance in my case 22.214.171.124
Go to WireGuard Client And add the tunnel by importing the downloaded file and click
If Everything is right you will be connected to the VPN check your IP to verify it.
If any question plz feel free to ask in the comments